> I should try that. What I've been doing instead is using a certain format > for the password, something like #:xx637FUbar where the xx part is replaced > by a couple of letters based on the name of the machine or system I am > connecting to. That means that I have different passwords on every system, > but I can still remember them. I guess it is theoretically possible for > someone to figure out what I've done, but I think that is very unlikely. > > Mike I've read in several 'security' places (conferences, blogs, etc, take 'em all with a grain of salt) that that's a very effective way to manage passwords. The idea being that (1) the main component of the password is "strong", but there's only one so it's not too hard to remember, and (2) the site-unique piece of the password prevents the vulnerability associated with using a single (however strong) password for multiple sites. Since it's completely unreasonable to expect a normal person to remember multiple "strong" passwords, it's what I recommend to extended family and friends. However, I was unaware of KeePass... Seems like that solves the problem more securely, and with less thought/memorization required on the user end. Thanks for the recommendation! -H -- Harry Penner 952-807-4229